The No-Nonsense Guide to Data Security for Travelers

On the first Tuesday of each month, Dave Dean from Too Many Adapters gives us great tips and advice on travel tech and gear. This month’s column is on data security. It’s topic that worries a lot of travelers (especially folks like me who work online) so Dave is delving deep into the subject today.

If there’s a less sexy travel subject than data security, I don’t know what it is. When you’re planning your trip and up to your elbows in guidebooks, maps, and blog posts about deserted beaches and delicious foods, it’s not going to be backup strategies or file encryption that gets your heart racing.

And that’s a bit of a problem. If you’re going to be toting a smartphone, tablet, or laptop around the world, protecting your data really matters. It doesn’t take a huge effort or cost to keep yourself safe — but if you don’t, you’re at serious risk of losing all of your trip photos, having your identity stolen and accounts hacked, and giving yourself a technology headache that’s far more painful than a night drinking at the local hostel.

Below are detailed ways to back up your memories the right way, protect your data, and avoid common security mistakes. By doing the following things, you’ll never be stressed about the technology and information you use and share on the road.

Public computers are bad news.

When I started traveling in the late ’90s, Internet cafes were pretty much the only way to get online. I still remember sitting hunched over a broken keyboard in a sweaty little shop in Dar es Salaam, dust and fumes from the nearby road forming a murky haze as I battled with the slowest connection in the world to let my family know I was still alive.

Many of those dusty cafes have since shut down as travelers use their own devices and cheap Wi-Fi connections the world. From a security standpoint, that’s a good thing. Public computers are bad news. Those ramshackle old desktops in Internet cafes or the corner of the hostel common room may as well have a big sign on them saying “Please Steal My Data.” Why?

They’re typically full of all kinds of unknown software installed by staff and customers over the years.

Security and virus updates don’t get done — nobody cares enough to maintain things properly. I once scanned a hostel computer for viruses just to amuse myself, but stopped after it found 50 in the first couple of minutes.

It’s very easy to install key-logging software that will capture everything you type, sift through it for anything that looks like usernames and passwords, and send it off for others to use.

In short, if you have any other way of getting online, use it.

If you absolutely must use a public computer — it’s a dire emergency or you really need to print that boarding pass — there are a few ways to make it a little safer. These aren’t foolproof, but they’re a good start:

Don’t do anything involving money. This means that online banking, Paypal, and other financial services, as well as buying anything online that requires you to enter credit card details, are off limits. You’re just taking unnecessary risks by doing so.

Use two-factor authentication for as many online services as possible. These combine something you know (like a password) and something you have (an SMS message, phone, fingerprint scanner, or special app) to create single-use passwords. Even if your account information is stolen, nobody else can use it to log in. SMS-based authentication systems can be a problem for travelers, especially if your phone doesn’t work overseas, so check out other options like the Google Authenticator app for your phone or tablet first.

USB sticks can help. If you travel with your own laptop or Android device and need to print something out, copy the file onto a memory stick beforehand and use that, rather than logging onto email on a shared computer. You can also copy software you’re likely to need onto a USB stick, and use that instead of the dubious versions installed on the computer you’re using. Even just using a browser like Firefox Portable or Chrome Portable is a good start. Check out Portableapps.com to see the range of portable software that’s available.
Just remember to scan your USB stick for viruses regularly from a device you trust.

At an absolute minimum, use the web browser’s Incognito/Private Browsing modeto avoid your details being saved, log out of all of the apps you use, and reboot the computer when you’re finished with it.

Public Wi-Fi is great, but it’s not secure.

Cafés, hostels, airports, and even parks and public spaces often offer cheap or free Wi-Fi that anyone can use. Sometimes it’s hard to know where a signal is even coming from, but if we can see it, you can bet we’ll try to use it.

That’s where the problems start.

By default much of your information is visible to anyone with the right tools as it moves across a wireless network. Networks that need a password aren’t much better than those that don’t — how many people have been given the details for your hostel’s Wi-Fi this month? When was that password on the café chalkboard last changed?

You have to assume that other people can connect to the network you’re using. Once they’ve done that, any data you don’t protect are at risk. Someone can literally sit drinking a coffee in the corner while their computer scans and saves your personal information.

So what should you do?

Always use Virtual Private Network (VPN) software. In simple terms, a VPN lets you connect to a server somewhere else in the world and encrypts all of the information that passes between you and it. Good free options include TunnelBear and Cyberghost, which can also be upgraded to unrestricted paid services. I use Witopia PersonalVPN Pro, which costs around $6/month and has worked in every country I’ve tried it in. Look for a service that can be used with both laptops and mobile devices, and that specifically says it works in China. If it works there, it’s likely to work anywhere.

If for some reason you can’t use a VPN, at least protect your web browsing. Try typing https instead of http into the address bar — to access Gmail, for example, you’d type https://gmail.com. If a padlock appears beside the address, the data you send and receive from that site is encrypted. If you’re using Chrome, Firefox, or Opera, it’s even easier: install the HTTPS Everywhere plugin and it’ll do this for you automatically.

It’s much harder to intercept cellular networks than Wi-Fi ones, so if you’re doing something sensitive and have access to reasonably priced cell data on your phone or tablet, use it.

Backups are boring — but you need to do them!

Backing up your data while traveling is boring. Let’s face it, there’s always something much more interesting to do…right up to the point where you lose the thousands of photos you’ve taken on your trip, or the phone number and email address of everyone you’ve met. Laptops get stolen, hard drives break, phones get dropped in the toilet, memory cards get corrupted. Bad things happen, and you need to prepare for them.

There’s an old saying among geeks like me that data stored in one place doesn’t really exist. For travelers, this generally means copying new files to a different device as soon as possible, and to somewhere online not long after that.

There are many different approaches you can take, depending on the gear you travel with and what you need to back up. I’ll cover a couple of common scenarios, and you can find more detail here, here and here.

Traveling with a laptop? Read this!
For those traveling with a laptop, backing up is straightforward if you follow a simple process. Before leaving on your trip, pick up a portable hard drive (they cost as little as $50 for a 1Tb model). Each night, copy the day’s photos from your camera or smartphone, then plug your hard drive in and back everything up. Now, even after you delete shots from your phone or camera SD card, you’ve still got two copies of them.

Theft, fire, water, and more can take out your camera, laptop, and portable drive all at once. To be completely safe, you also need an online backup. Due to slow and irregular Internet connections when traveling, these backups can take a long time to run — I started mine while traveling in Australia and New Zealand, and it didn’t finish until I got to Thailand four months later!

Free options like Dropbox, iCloud, and Google Plus are fine for storing a limited number of photos, and I used them for a couple of years. Eventually though, I moved to a paid subscription with Crashplan — for around $5/month, I have unlimited online storage for any kind of file, and it runs automatically whenever I have an Internet connection. (Matt says: I use Crashplan. It’s saved my proverbial life on more than one occasion.)

If you’re using a Mac, the built-in Time Machine does a good job of managing hard drive backups automatically. If you only want to copy photos, documents, and music to online storage, iCloud may fit your needs — you get 5GB of space for free and can easily buy more.

For Windows users, there are dozens of choices. As mentioned I use Crashplan, as it deals with both hard drive and online backups automatically at a reasonable price. There’s a version for Mac too, if you need unlimited cloud storage or want to back up all file types.

Don’t travel with a laptop? Read this!
If you’ve decided not to carry a laptop on your trip, backing data requires a slightly different approach. The first challenge is copying photos from your camera to a smartphone or tablet — here’s how to do it for both Android and Apple devices, as long as you’ve got enough storage.

Once you’ve transferred your photos, it’s time to back them up to a different device. There are different ways to do this, but the easiest option is to buy a wireless hard drive (something like the Seagate Wireless Plus) that creates its own hotspot, then use the app it comes with to copy files backward and forward. Added bonus: this is also a great way of carrying around a large movie or music collection without filling up your smartphone or tablet.

The easiest part of the process is backing your shots up online — it’ll even happen automatically if you copy the files from your camera into the right folder on your phone or tablet. Those with Apple devices can just enable iCloud, while Android users can achieve the same thing with the Camera Upload feature of Dropbox. In either case, just pay for as much additional cloud storage as you need — it’ll be a few dollars a month in most cases.

Protecting your data when it’s out of your hands

Sometimes bad things happen no matter how careful you are. Laptops, tablets, and phones are attractive targets for thieves. While you can’t always prevent someone stealing your gear, you can at least take a few precautions to stop them accessing your data as well.

Always use a PIN Code or Password
The first step is to always set up a PIN code or password on your device. It only takes a few seconds to do and is a good deterrent to casual thieves. On your laptop, use a long password that doesn’t appear in a dictionary and isn’t easily guessable. If your phone or tablet supports PIN numbers longer than four digits, use one — and if you’re using a current model of iPhone or iPad, enable the Touch ID fingerprint scanner as well.

Enable encryption
If PIN numbers and passwords are good for keeping casual eyes off your personal information, encryption does the same thing for more determined snoops. Even if someone pulls the hard drive out of your laptop or manages to bypass your PIN number, your data remain protected. Without the right password, your information is just a collection of random characters. It’s easy to set up on most devices, and is or soon will be enabled by default on new iOS and Android devices.

If all else fails and you’ve decided that your gadgets just aren’t coming back, you can also tell any of the above software to remotely delete everything on your device the next time it connects to the Internet. At least that way you only need to mourn the loss of your technology, and not your personal information as well!

A few parting tips

As well as everything covered above, there are a few other basic tips that will help you keep your data safe on the road:

Use antivirus software to keep the bad guys out. AVG makes a good, free anti-virus system that I’ve been using for years on both Windows and Android, and there’s a (non-free) Mac version available as well.

Update your device and software regularly. In other words, don’t ignore those annoying prompts to install security patches and new software versions — they’re there for a reason! Wait until you’ve got a decent Internet connection, then let them run.

Rather than using the same terrible password for everything, use a password manager to create unique, super-strong passwords for all of the different websites and services you use. I personally use Lastpass (free on desktop, a dollar per month on mobile), but there are several other options. I now only need to remember one master password — the one for Lastpass itself.

Keeping your data safe, secure, and protected when you travel doesn’t have to be hard work. Spend a little time and money setting everything up properly before you leave, and you’ll need to do almost nothing extra day to day. Backups start automatically and only take a few minutes if you do them regularly. Staying safe on dubious Wi-Fi connections takes two clicks, and creating strong passwords is even easier. Encryption takes care of itself once you set it up.

And doing all that is better than having your identity stolen, your bank accounts hacked and watching every photo you’ve taken on your trip disappear off the back of a tuk-tuk.

Dave runs Too Many Adapters, a site devoted to technology for travelers. A geek as long as he can remember, he worked in IT for 15 years. Now based out of a backpack long term, Dave writes about travel and tech from anywhere with half-decent Internet and a great view. You can also find him talking about the life of a long-term traveller at What’s Dave Doing?

Great advice, I have used those internet cafes so many times but I never thought about them getting my password and information, I guess I have been lucky so far.

I usually just find an internet cafe where I can sit down and use my laptop, I have always been lazy with backing up my photos but i have just started to use Dropbox, just in case something will happen to my laptop, it’s better to be safe than sorry.

Really helpful article. I’ve played with backing up my photos both on a hard drive and online for extra protection. However, since internet connections are so slow in many countries, it takes 5 minutes to upload anything. I dream that someone will invent a way to upload photos more quickly with bad web connections (wouldn’t that be a work of genus!), but until then I’ll just keep uploading one photo at a time.

Fantastic advice all around, especially about the VPNs. Be careful about USB sticks if you, heaven forbid, might accidentally have some illegal software or media like Hollywood movies on them. We’ve been through several borders in Central Asia now that check USB sticks.

Such a great post! I have lost everything both at home and abroad due to theft and I am much more careful now. Laptop is backed up to a portable HD, as well as Carbonite (similar to Crashplan) with Prey installed. iPhone is backed up to iCloud with Find My iPhone on. I also have a small laptop lock that I always travel with so I can lock it to a bed or desk or something large… won’t deter the good thieves who come prepared, but most are thieves of opportunity and won’t be carrying bolt cutters or a saw.

This is sooo comprehensive – thanks Dave! I have to admit, I didn’t know about half of this stuff, so I’m freaking out a bit now about all the info I may have left around the world. Time to get that VPN….

Great advice here. I know I need to do more about my data security – it just seems like such a big job to get started!!
One issue I have with online backups that I’m trying to sort through is the cost of the data involved. If my phone takes pictures at roughly 2-3MB each, and I take a hundred pictures today, that’s 200-300MB of data automatically uploaded to the cloud. That’s fine if I’m using someone else’s fast WiFi, but it starts to get expensive if I’m using my own mobile connection, and painfully slow if I’m using my hostel’s dodgy old connection – not to mention all the bandwidth I’ll eat up while doing the uploads, preventing me and anyone else using the connection from doing much of anything. Any advice for how to get round this issue? I’m looking at trying to find a decent bulk image compressor, but I haven’t found a good one yet.
The other issue with auto-backups is that there are some things I don’t want forever and ever and ever. If I take a quick picture to, I don’t know, check my makeup, or try to see a scratch on the back of my leg or something, I might not delete it right away, but I certainly don’t want that image for the next 15 years, and if I upload it to the cloud, it exists forever, right? It’s hard to properly delete anything once it’s entered the cloud.
I think the ideal solution would be an app that allows you to scroll through your images and select a bunch, then with one tap compress them and upload them – only the ones you choose though. Anyone know if something like that exists? I haven’t found it yet…

All of the cloud backup tools I’ve seen for mobile let you enable them only for use on wi-fi, so you don’t need to burn up your data allowance. Slow internet is definitely a problem — it’s the main reason why I suggest having a hard drive or large USB stick to make a backup straight away, and let your cloud backup catch up whenever it can. If you find you’re killing the hostel wi-fi, perhaps just disable the backup for a few hours and turn it back on before you go to bed, so it can run overnight when other people aren’t using the connection.

Agree about the auto-backup uploading things that you may not really want to keep forever. While Crashplan etc let you pick which folders you want to upload, phone apps like iCloud and Dropbox just send all the photos up to the cloud. Dropbox notifies me whenever it uploads anything, so I just delete photos I don’t want to keep at that point. I haven’t come across an app that does what you’re after, but I agree, it’d be a good idea!

Very useful advice for travellers… I remember the strangest public internet cafe I ever used was in a tiny plywood room at 4500m altitude in the himalayas with yaks going past and I needed to check my banking…

Excellent post. Glad that you came up wuth such an important aspect we normally ignore while traveling. Although its not something we can completely avoid it but if we are aware, we can surely control the damage of data theft.

“Security and virus updates don’t get done – nobody cares enough to maintain things properly. I once scanned a hostel computer for viruses just to amuse myself, but stopped after it found fifty in the first couple of minutes.”

Haha yeah that happened with me too during our stay at a hostel in SG.

My only real advice would be to try different VPN software. It’s possible to block certain types of VPN quite easily, but if you’ve got one that uses the OpenVPN protocol, you’ll find it works most places.

VPN protocol can be easily identified and blocked even using Open VPN. I would suggest looking for a VPN provider like Astrill or similar that masks the protocol. Astrill calls it stealth VPN for example.

Check to see if it works in China. If so, it probably works everywhere!

Thanks you for sharing, such sound advice! My husband and I always travels with multiple devices. We are also guilty of using public computers at our hotel to print out itinerary’s, boarding passes, etc! We never even thought about our personal info being compromised. We will make better choices in the future, due to this post. Thanks, again!

I am not a techie. For me, security can indeed be a boring subject. However, having my data stolen does make me anxious now and then. These are some great tips. I especially like the advice about Lastpass as I am frequently frustrated about all the passwords I need to remember.

I solved some security problems by traveling with a Chromebook. It updates automatically, stores all the data in the cloud, and it is not so vulnerable for viruses because you can’t install any programs on it. The downside is that I sometimes need to use Windows programs. There it gets more dangerous, as I do this in Internet shops. This post made me realize that I need to be more careful in such places. Thanks for the great advice Dave. I bookmarked your post.

Fantastic article! I am going to be sharing this one with all my followers because it’s a really important subject.

A couple of years ago 2 of our iPhones were hacked in Miami. By the time we were done we had over $3K in phone calls on our bill. It took us MONTHS to resolve this issue and hours of wasted time on the phone with Verizon. In the end, after so much time trying to resolve the issue we got the charges reversed.

We have portable storage that we take on trips and we have our own cloud storage that we can link up to (although it’s slow). Recently we signed up for Mylio. This allows you to share photos among up to 5 devices (our plan). It’s worth looking into for storing photos. At least if they are on other devices you can restore them just in case you loose them on 1 device.